Unique ID: (required: ###-##-#### form)
First Name: Last Name: Phone: Address: City: State: Zip Code: (required: any five digits)
Contract: File: Default.aspx.cs
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Web.Configuration;
using System.Data.SqlClient;
public partial class AuthorManager : System.Web.UI.Page
{
private string connectionString = WebConfigurationManager.ConnectionStrings["Pubs"].ConnectionString;
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
FillAuthorList();
}
}
private void FillAuthorList()
{
lstAuthor.Items.Clear();
string selectSQL = "SELECT au_lname, au_fname, au_id FROM Authors";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(selectSQL, con);
SqlDataReader reader;
try
{
con.Open();
reader = cmd.ExecuteReader();
while (reader.Read())
{
ListItem newItem = new ListItem();
newItem.Text = reader["au_lname"] + ", " + reader["au_fname"];
newItem.Value = reader["au_id"].ToString();
lstAuthor.Items.Add(newItem);
}
reader.Close();
}
catch (Exception err)
{
lblResults.Text = "Error reading list of names. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
}
protected void lstAuthor_SelectedIndexChanged(object sender, EventArgs e)
{
string selectSQL;
selectSQL = "SELECT * FROM Authors ";
selectSQL += "WHERE au_id='" + lstAuthor.SelectedItem.Value + "'";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(selectSQL, con);
SqlDataReader reader;
try
{
con.Open();
reader = cmd.ExecuteReader();
reader.Read();
txtID.Text = reader["au_id"].ToString();
txtFirstName.Text = reader["au_fname"].ToString();
txtLastName.Text = reader["au_lname"].ToString();
txtPhone.Text = reader["phone"].ToString();
txtAddress.Text = reader["address"].ToString();
txtCity.Text = reader["city"].ToString();
txtState.Text = reader["state"].ToString();
txtZip.Text = reader["zip"].ToString();
chkContract.Checked = (bool)reader["contract"];
reader.Close();
lblResults.Text = "";
}
catch (Exception err)
{
lblResults.Text = "Error getting author. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
}
protected void cmdNew_Click(object sender, EventArgs e)
{
txtID.Text = "";
txtFirstName.Text = "";
txtLastName.Text = "";
txtPhone.Text = "";
txtAddress.Text = "";
txtCity.Text = "";
txtState.Text = "";
txtZip.Text = "";
chkContract.Checked = false;
lblResults.Text = "Click Insert New to add the completed record.";
}
protected void cmdInsert_Click(object sender, EventArgs e)
{
if (txtID.Text == "" || txtFirstName.Text == "" || txtLastName.Text == "")
{
lblResults.Text = "Records require an ID, first name, and last name.";
return;
}
string insertSQL;
insertSQL = "INSERT INTO Authors (";
insertSQL += "au_id, au_fname, au_lname, ";
insertSQL += "phone, address, city, state, zip, contract) ";
insertSQL += "VALUES (";
insertSQL += "@au_id, @au_fname, @au_lname, ";
insertSQL += "@phone, @address, @city, @state, @zip, @contract)";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(insertSQL, con);
cmd.Parameters.AddWithValue("@au_id", txtID.Text);
cmd.Parameters.AddWithValue("@au_fname", txtFirstName.Text);
cmd.Parameters.AddWithValue("@au_Lname", txtLastName.Text);
cmd.Parameters.AddWithValue("@phone", txtPhone.Text);
cmd.Parameters.AddWithValue("@address", txtAddress.Text);
cmd.Parameters.AddWithValue("@city", txtCity.Text);
cmd.Parameters.AddWithValue("@state", txtState.Text);
cmd.Parameters.AddWithValue("@zip", txtZip.Text);
cmd.Parameters.AddWithValue("@contract", Convert.ToInt16(chkContract.Checked));
int added = 0;
try
{
con.Open();
added = cmd.ExecuteNonQuery();
lblResults.Text = added.ToString() + " record inserted.";
}
catch (Exception err)
{
lblResults.Text = "Error inserting record. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
if (added > 0)
{
FillAuthorList();
}
}
protected void cmdUpdate_Click(object sender, EventArgs e)
{
string updateSQL;
updateSQL = "UPDATE Authors SET ";
updateSQL += "au_fname=@au_fname, au_lname=@au_lname, ";
updateSQL += "phone=@phone, address=@address, city=@city, state=@state, ";
updateSQL += "zip=@zip, contract=@contract ";
updateSQL += "WHERE au_id=@au_id_original";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(updateSQL, con);
cmd.Parameters.AddWithValue("@au_fname", txtFirstName.Text);
cmd.Parameters.AddWithValue("@au_Lname", txtLastName.Text);
cmd.Parameters.AddWithValue("@phone", txtPhone.Text);
cmd.Parameters.AddWithValue("@address", txtAddress.Text);
cmd.Parameters.AddWithValue("@city", txtCity.Text);
cmd.Parameters.AddWithValue("@state", txtState.Text);
cmd.Parameters.AddWithValue("@zip", txtZip.Text);
cmd.Parameters.AddWithValue("@contract", Convert.ToInt16(chkContract.Checked));
cmd.Parameters.AddWithValue("@au_id_original", lstAuthor.SelectedItem.Value);
int updated = 0;
try
{
con.Open();
updated = cmd.ExecuteNonQuery();
lblResults.Text = updated.ToString() + " record updated.";
}
catch (Exception err)
{
lblResults.Text = "Error updating author. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
if (updated > 0)
{
FillAuthorList();
}
}
protected void cmdDelete_Click(object sender, EventArgs e)
{
string deleteSQL;
deleteSQL = "DELETE FROM Authors ";
deleteSQL += "WHERE au_id=@au_id";
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(deleteSQL, con);
cmd.Parameters.AddWithValue("@au_id ", lstAuthor.SelectedItem.Value);
int deleted = 0;
try
{
con.Open();
deleted = cmd.ExecuteNonQuery();
lblResults.Text = "Record deleted.";
}
catch (Exception err)
{
lblResults.Text = "Error deleting author. ";
lblResults.Text += err.Message;
}
finally
{
con.Close();
}
if (deleted > 0)
{
FillAuthorList();
}
}
}
File: Web.config